diff options
author | friendica <info@friendica.com> | 2012-12-14 00:45:30 -0800 |
---|---|---|
committer | friendica <info@friendica.com> | 2012-12-14 00:45:30 -0800 |
commit | d39fb9b1d5208b18da364873d10f51e23b94bd7e (patch) | |
tree | 9c487ba79579c281a688a1a676ae9ace2c938689 /mod | |
parent | ecce0f0e211f069f4e0daf661755e89f7f32f020 (diff) | |
download | volse-hubzilla-d39fb9b1d5208b18da364873d10f51e23b94bd7e.tar.gz volse-hubzilla-d39fb9b1d5208b18da364873d10f51e23b94bd7e.tar.bz2 volse-hubzilla-d39fb9b1d5208b18da364873d10f51e23b94bd7e.zip |
converging on a workable crypto auth handshake
Diffstat (limited to 'mod')
-rw-r--r-- | mod/magic.php | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/mod/magic.php b/mod/magic.php index c457c97ea..b48e2b8c9 100644 --- a/mod/magic.php +++ b/mod/magic.php @@ -49,9 +49,21 @@ function magic_init(&$a) { // Just redirect. goaway($desturl); } + + $token = random_string(); + $recip = array(array('guid' => $x[0]['hubloc_guid'],'guid_sig' => $x[0]['hubloc_guid_sig'])); $channel = $a->get_channel(); $hash = random_string(); + + $r = q("insert into verify ( type, channel, token, meta, created) values ('%s','%d','%s','%s','%s')", + dbesc('auth'), + intval($channel['channel_id']), + dbesc($token), + dbesc($hubloc['hubloc_hash']), + dbesc(datetime_convert()) + ); + $packet = zot_build_packet($channel,'auth',$recip,$x[0]['hubloc_sitekey'],$hash); $result = zot_zot($x[0]['hubloc_callback'],$packet); if($result['success']) { @@ -60,8 +72,14 @@ function magic_init(&$a) { $y = aes_unencapsulate($j,$channel['prvkey']); $j = json_decode($y,true); } - if($y['token']) - goaway($x[0]['callback'] . '?f=&token=' . $token . '&dest=' . $dest); + if($j['token'] && $j['ticket'] && $j['token'] === $token) { + $r = q("delete from verify where token = '%s' and type = '%s' and channel = %d limit 1", + dbesc($token), + dbesc('auth'), + intval($channel['channel_id']) + ); + goaway($x[0]['callback'] . '?f=&ticket=' . $ticket . '&dest=' . $dest); + } } goaway($dest); } |